System, method, and computer program product for performing one or more maintenance tasks on a remotely located computer connected to a server computer via a data network

ABSTRACT

A method and computer executable program code are disclosed for performing one or more maintenance tasks on a remotely located computer connected to a server computer via a data network.

FIELD OF THE INVENTION

This invention relates in general to computer networks.

BACKGROUND OF THE INVENTION

Section A

This relates to a variety of problems such as computer viruses, cleanupof unusable or unwanted programs, and upgrading software that annoy andinconvenience the users of personal computers.

Despite the existence of good programs to detect and remove computerviruses, unscrupulous and adventurous computer programmers frequentlytry to skirt the virus antidote programs by creating new viruses thatare hard to detect or remove. Thus, there is an on-going strugglebetween the creators of virus programs and the companies that find theantidotes for such viruses. A diligent user of a computer, therefore,must keep abreast of the developments in the computer virus warfare andupgrade to the latest software to detect and eliminate any new virusthat may have infected his computer system. An automatic way ofupgrading the virus antidote programs would help to ease the burden onthe computer user.

Today, there are hundreds of vendors who offer trial versions(“demonstration copies”) of software as a method of gaining inroads inthe market place. A typical computer user may wish to evaluatedemonstration copies of software programs by different vendors beforemaking a decision to purchase the best program for a particular use.These demonstration copies, once downloaded and activated, will resideon the computer after any expiration date set therein unless deliberateefforts are made to remove them. Once a demonstration copy has expired,it will not be useful to a computer user and will only take up valuablestorage space on the user's computer. A typical computer user must plodthrough all directories in the computer to identify the unusable orunwanted computer programs and remove them in a careful manner. Toperform such task manually is not an optimal use of the time of atypical user. Additionally, in a manual cleanup of unusable or unwantedcomputer programs, there is a danger of deleting critical or usefulprograms accidentally, thus rendering the computer inoperative. Thus,there has developed a need for an accounting of software that isfunctional and useful and that which is unusable and merely occupyingstorage space on the computer.

To overcome some difficulties in removing outdated software programsfrom a user's computers, some vendors have started to market softwareprograms like TuneUp™ to perform these tasks automatically. However,because of changes in the releases of operating systems, or the additionof new features, newer versions of such programs are released often.This creates a situation where a user must purchase and upgrade theprevious versions of the “tuneup” programs. Accordingly, there is a needfor an automatic method and system to cleanup a computer storage withoutthe need to purchase newer versions of cleanup software. It isbeneficial to a user if such cleanup happens without the user'sintervention, and during the times when the user does not attend to thecomputer.

Another problem faced by a computer user is prompt notification that anew upgraded version of software is available. In the past, vendors havedeveloped different ways to notify their customers. One method is toplace a new advertisement banner indicating a new product or offering onother web sites and lead users to the advertiser's web site. But notmany customers respond to such Internet invitations to click on anadvertisement banner. Another way is to post a “What's New” page on avendor's web site with links to other pages containing detailedinformation. This does not work well because this requires users tovisit the vendor's web site periodically looking for new information. Athird way is to maintain lists of electronic mail addresses forinterested customers and send them e-mail notification periodically.Maintenance of these lists has proved to be tedious. Additionally, manycustomers object to receiving unsolicited electronic missives.

In order to automatically update information in a personal computer viathe Internet, a new technology, called the “push” technology, hasemerged. This technology incorporates the broadcasting model into webservers and browsers. The primary purpose of this technology is toovercome the problem of ensuring that interested parties are notifiedwhenever information content in a web site is updated. “Content” isdistinguished from other kinds of electronic information, such asprograms and electronic mail messages in that content is the subjectmatter contained in a newspaper, a Lexis/Nexis™ database or the like.Content is neither a machine to perform a task nor a structure ordescription of how data are arranged in a computer. The push technologyhas helped corporations tailor their sites for particular groups ofusers so that interesting content is easily located. The push technologyalso has enabled messages to be sent to the audiences when it was deemedready for publication. Using push publishing, web site publishers havedelivered newsletters to niche audiences or notified subsets of theirreaders of updated content.

PointCast™ was one of the earliest implementations of the pushtechnology to deliver information content. A user is typically advisedto specify the type of content—news, entertainment, sports, or interestgroup related information—to be downloaded as it is updated. Whenupgraded content is available, the user may elect to download theinformation which can be browsed locally at the user's computer.PointCast™, however, is configured only to deliver content to thebrowser of a computer over the Internet. It is not designed or equippedwith the means to download executable programs to a storage deviceconnected to a computer and execute them at the remote computer.

Other products are aimed at delivering executable computer programs to auser computer and executing them locally. Oil Change™ is such a product.Once installed on the user computer, it allows automatic updating ofcomputer programs via the Internet. In the case of Oil Change™, a usercan update to new versions of previously purchased and loaded software,or download a new “patch” or a bugfix, device drivers for new peripheraldevices, templates, clip art and business forms to work in conjunctionwith word processing software packages, screen saver images, or thelatest amendments to the tax code to work with accounting softwarepackages. Another example of a similar commercially available product isCastane™ from Marimba, Inc. In these systems, a user is required todownload executable software programs from the vendor's web site via theInternet using a variant of a protocol called the File Transfer Protocol(“ftp”), and manually execute the downloaded programs on the user'spersonal computer thereafter. This mechanism is similar to loadingsoftware from a store-bought portable storage medium, such as a magnetictape, a floppy disk or a CD ROM and running the software locally on auser's computer, except that the program is downloaded from the Internetinstead of being loaded from a storage device.

Executing software on a 32-bit personal computer running aWindows-95®/98® or NT® operating system involves registering thesoftware in a data store called Windows Registry. Windows Registry is aconfiguration data store for both hardware and software. The settings inWindows Registry control the behavior of the software. When a userattempts to execute software on a personal computer equipped with theabove-mentioned operating systems, the operating system interprets theuser's attempt and runs the software based exclusively on theinformation from the Windows Registry. Typically, an entry in Windows®Registry is made during the installation process of new software on acomputer. Vendors of software application programs provide automaticmeans to ensure proper installation of their programs. If, on the otherhand, no entry is made in the Windows® Registry, the context under whicha user used the software is lost. There is a need, therefore, for asystem and method to store the information related to the context ofsoftware usage without using the Windows® Registry as a repository ofsuch information.

The programming language Java™ contemplates a virtual machine called theJava Virtual Machine™ (JVM) to run compiled Java™ code and stand-aloneprograms called “applets,” after they are downloaded to a compatible webbrowser such as the Netscape® Navigator™, in a tightly controlled andsecure environment. The JVM™ is a software implementation of a centralprocessing unit (CPU), an essential component in every computer.Software written in this virtual machine methodology run within acontained environment defined to work only in a browser program andcannot access a client computer's file system or desktop easily.

Other programming methodologies, such as the Component Object Model(COM) have been developed to overcome this deficiency. However, thisdoes not solve all the problems with delivering executable software to aclient computer over the Internet in a form ready to be automaticallyexecuted. There is a need, therefore, for a method to encapsulatesoftware as to make it executable automatically upon delivery to theclient computer.

Users of personal computers do not wish to entrust access to theircomputers to an unknown remotely located entity, for fear of losingprivacy or causing damage to data stored in their computers. A serviceoffered by a trustworthy source such as McAfee Associates, Inc., a wellknown vendor of computer security software, will overcome the userreluctance to allowing access of their personal computers to a remoteoperator.

In summary, the state of the art provides means to deliver components ofprograms, means to deliver executable programs that must be executedlocally by manual intervention, and means to provide content rather thanexecutable programs. This art can be improved by delivering executablesoftware rather than mere components to a personal computer; by allowinga trusted remote operator to access the internal components of apersonal computer; and by executing programs automatically from a remotelocation. There is a need, for example, for a system and method in whichwhen a user connects with a web site, an application may be downloaded,installed, registered and executed without any further intervention onthe part of the user.

Section B

The public data networks, collectively called the Internet andcolloquially referred to as the Web, are becoming increasingly popular.Among other things, the Internet provides a communication medium todistribute software products to computers that are located at distantplaces. The numerous methods by which sellers of computer softwareprograms deliver executable programs automatically to client computersowned or operated by users are described herein and in the parentapplication, the disclosure of which is hereby incorporated byreference.

To understand the invention, it is helpful to understand thedistinctions among the terms content, browser, type-setting program,embedded object and script. These five types of entities are describedbelow in the context of Internet-related software.

Content is the subject matter contained in a web page. Content isdistinguished from the other entities described herein in that contentis not a program; it is the data that is presented to a user.

A web browser, or simply, a browser, is a computer program that providesaccess to the vast resources of the Internet. Typically, this is done byproviding a “window” to the data located on other computers connected tothe Internet. A frame is a part or section of a browser window thatcontains a distinct display area. If a web page is defined to containmultiple frames, each frame can act as an independent display area, andcan download web pages located at different web sites, while displayingthem together in one window on a browser. Alternatively, a web page maycause multiple browser windows to be created on the user's computer. Abrowser can also be described as a “container” of the various componentsit displays. Thus, while the components are embedded in a browser, thebrowser envelops the components.

In general, in a window-based computer system, such as the Windows™ 98™program marketed by the Microsoft Corporation, windows are arrangedhierarchically. A browser program that executes on a window-basedcomputer system is also arranged hierarchically. When a browserapplication is launched on a windows-based computer system, the firstwindow that appears is called “parent window” or “main window” or“top-level” window. This top-level window can later “spawn” or “fork”other windows, which are called “sub-windows” that run otherapplications. A sub-window may be created by executing a script within abrowser window, and may be programmed to run another instance of abrowser program. In such cases, the sub-window is called an “opener”window. Thus, it may be the case that a first window running a browserprogram—a top-level window—is programmed to point to a web site, and asub-window created from the same browser program is programmed to pointto a different web site.

A type-setting program is a presentation program, typically written inthe Hyper Text Markup Language (HTML). In an HTML-encoded program,content is surrounded by codes that indicate the manner in which thebrowser presents the content to a user. Additionally, HTML encodescertain devices called “links” that allow a user to “navigate” the webby simply clicking on a sensitive area of the web page.

A document that contains “objects” or “components” like graphics, audioor video files, or charts in addition to text is called an embeddeddocument object. Several competing standards exist in the marketplacefor documents that can be transmitted over the Internet and displayed ina browser. For example, two such standards are OpenDoc, promoted by theInternational Business Machines Corporation and Object Linking andEmbedding (OLE), promoted by the Microsoft Corporation. Typically, thesestandards provide for an application programming interface (API) thatallows an independent software vendor (ISV) to develop applications thatdeliver components via the Internet. An API generally allows aprogrammer to interact with an enveloping browser. For example, aprogrammer may seek to determine the precise configuration of thebrowser by reading the values of its internal parameters. Alternatively,a programmer may wish to adapt the browser to a desired configuration byappropriately setting the browser's parameters.

Finally, a script is a list of computer-executable instructions,typically written in a human-readable language. Some browsers areconfigured to execute instructions written in script languages. In suchbrowsers, an analog of a Central Processor Unit (CPU)—which is anessential component of all modern computers—is defined within thesoftware contained in the browser. This software-defined CPU executesthe scripts within the browser environment. For example, JavaScript™ isa language in which a programmer can code in a human-readable set ofinstructions that can be executed within the browser environment. Inthis case, the browser is said to be a “container” object to execute thescript within its bounds.

Referring now to the parent application, to achieve the objective statedtherein, a web browser program running on a client computer must be ableto access the inner workings of the client computer. This can beachieved with the help of the OLE document object technology. The OLEtechnology is a “system-level object architecture that includes servicesfor all-inclusive data access, remote distribution of softwarecomponents across heterogeneous platforms, robust transactionprocessing, and large-group development.” ActiveX™ technology, developedby the Microsoft Corporation, of Redmond, Wash., uses the OLEarchitecture and provides the building blocks that enable a provider todistribute over a network software executables that can be executed on aclient machine. In general, such distribution of software executables isdone via a web browser as described in the parent application.Typically, this execution on a client machine is done when a page sourceis input to it by invoking certain scripts embedded in the web browser.The downloaded software components are called ActiveX™ controls, whichare computer executable pieces of program code. One feature of ActiveX™controls is that they have no restrictions placed on them once theyreach a user's machine. For example, a programmer may write an ActiveX™control that, upon downloading to a user's computer, can shut down thecomputer or reformat its hard drive thereby destroying all data storedon the computer. This creates an easy way for malicious programs such asviruses to reach the client computer and be executed without the user'snotice.

To overcome these security problems, the Microsoft Corporation requiresall ActiveX™ controls to be verified by a signature initiative calledAuthenticode. This verification works in the following way. EachActiveX™ control is given a secure and encrypted digital signature by atrusted corporation. All browsers that allow download and execution ofActiveX controls are pre-programmed to verify the digital signature.Every time an ActiveX™ control is about to be downloaded, the browserexamines the digital signature associated with the control. If thesignature is verified as authentic by the browser, it is downloadedwithout any problems. Otherwise, the browser issues a warning message tothe user.

As explained in the parent application, the invention described thereinuses some of the features of a programming methodology exemplified byActiveX™ to effect easy and “hands-free” automatic downloading ofsoftware executables to a user's computer without any action taken onthe part of the user. While the invented method and system help achievethe stated ends, a security threat may be created because of theabove-mentioned feature of the ActiveX-like technologies that allowsunrestricted access by the embedded code to a user's computer.

Because computers today are interconnected by networks such as theInternet, computer security has become a more important issue thanbefore. Today, computers are more prone to attacks by viruses and TrojanHorses. A virus is a piece of computer code that replicates itselfwithout a user's intervention. Left unchecked, a virus may copy itselfstealthily to other computers and corrupt the data stored in storagedevices connected to the computers. For example, a virus may rewrite asection of a computer start-up program called the “boot sector”. Everytime a computer is started, the virus copies itself into the memory ofthe computer and waits. Suppose a user wishes to copy some data from thecomputer to a portable medium such as a floppy disk. The virus that hascopied itself to the memory could be programmed to intercept the writingof the data to the disk and copy itself to the disk along with the data.In this manner, the virus has replicated itself to the floppy disk andis now ready to infect other computers where the floppy disk is used.

In contrast to a computer virus, a “Trojan Horse” is a maliciouscomputer program that—like the fabled instrument of war used by ancientGreeks to gain entry into Troy—causes a user to believe that it is alegitimate program and entices the user operating a computer to performcertain actions that lead to compromising the security of the datastored in the computer.

Referring back to the parent application, assume that in accordance withthe invention described therein, an Internet Clinical Services Provider(ICSP) downloads a software program called QuickClean™, designed to“cleanup” the user's hard drive. In accordance with the above-mentionedActiveX™ Authenticode initiative, a license file is delivered to theuser along with the QuickClean program. This software is designed withembedded methods or sub-routines that, when invoked properly using ascript, rid the user computer of unwanted or unused software in anorderly manner. However, since these methods or sub-routines forremoving unwanted or unused software are invoked by a script, amalicious user can also invoke the script in such a way as to removedesirable or valuable software, thereby causing severe damage to theuser's computer. Moreover, a malicious user may also attempt to secretlytransfer the contents of a user's computer by e-mailing these to his owncomputer. In the computer security lingo, such a malicious user orprogrammer is called a computer “hacker.” The above-mentioned maliciousact, called computer “hacking,” can be accomplished in two ways.

In accordance with a first way of hacking, a hacker obtains a legitimatecopy of QuickClean™ and its associated license file from the ICSP. Thehacker can then create his own web site and host both QuickClean™ andthe associated Authenticode license file on his web site and inviteothers to use the “free” software. The hacker creates a web page on hisweb site that contains a malicious script that will use the methods orsub-routines in the QuickClean™ program to erase a user's hard disk.When a user, enticed by the “free” software downloads the web page fromthe hacker's web site, the hacker will download the QuickClean™ programto the user's computer and invoke the methods in the program to erasethe user's hard disk. Alternatively, suppose a user visits an authorizedICSP web site first and downloads the QuickClean™ program along with theassociated Authenticode license file. Later, the user visits thehacker's web site. Since the QuickClean™ program is already stored onthe user's computer, the hacker does not need to obtain a legitimatecopy to wreak havoc on a user's computer by providing a script to invokethe sub-routines embedded in the QuickClean™ program.

In accordance with a second way of hacking, a hacker may entice anunsuspecting user to visit his web site. The hacker may program his webpages to invoke multiple frames or multiple browser windows. In oneframe or browser window, the hacker can cause the user computer todownload the QuickClean™ program and the associated license file fromthe ICSP web site. In a second frame or browser window, the hacker canrun his malicious script, thereby causing damage as described above.

There is a need, therefore, for a system and method to prevent a hackerfrom activating the methods or sub-routines embedded in a computerexecutable code downloaded to a user computer via the web.

SUMMARY OF THE INVENTION

A method and computer executable program code are disclosed forperforming one or more maintenance tasks on a remotely located computerconnected to a server computer via a data network.

DESCRIPTION OF THE DRAWINGS

These and other objects, features and advantages of the invention willbe more readily apparent from the following detailed description of apreferred embodiment in which:

FIG. 1 depicts the overall architecture of an embodiment of the presentinvention comprising a server computer and a user computer connected viaa data network;

FIG. 2 is a detailed view of the component parts of an embodiment of thepresent invention;

FIG. 3 is a sample web page depicting a user enrollment form; and

FIGS. 4-1 and 4-2 are a flow chart depicting operation of an embodimentof the present invention;

FIG. 5 shows a server computer connected to a client computer via theInternet; and

FIGS. 6A and 6B are a flow diagram depicting the steps comprising apreferred method to practice the invention.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS

Referring to the drawings, wherein like reference numbers refer to likeparts, FIG. 1 illustrates one embodiment of the invention. An Internetclinical services provider (“ICSP”) maintains and controls a servercomputer 100, which is connected to a data communication network, suchas a Local Area Network, a Wide Area Network or other similar network.In a preferred embodiment as shown in FIG. 1, the data communicationnetwork is the Internet 102. The server computer 100 is equipped withstorage 110, memory 112, and a network interface device 114 to connectto the Internet 102. The server computer 100 makes available informationthat can be accessed via Internet 102 by user computer 104 using abrowser. User computer 104 is connected to the Internet 102 via a modem106. The user computer 104 is equipped with a semiconductor memory, astorage device such as a disk drive, a central processing unit such as aPentium™, Pentium II™, or Motorola 68000 microprocessor, and a displaydevice such as a CRT. Additionally, the user computer 104 is equippedwith software that enables the user to connect to the Internet 102 viathe modem 106 as well as a browser 116 (shown in FIG. 2) that allows theuser to “surf” the Internet 102.

Now referring to FIG. 2, in a preferred embodiment the server computer100 comprises web server software 120, and is coupled to server-sideengines 150 to deliver Hyper Text Markup Language (HTML), Microsoft®Active Server Pages™ (ASP), and ActiveX™.

Also on the server computer 100, a Common Gateway Interface (CGI)program 140 provides the software interconnection between the Internet102 and other programs running on the server computer 100. Typically,the CGI program 140 forms the gateway to the Internet 102 by opening aconnection via a Transport Control Protocol/Internet Protocol (TCP/IP)stack. All requests enter the server computer 100 via the CGI program140, and all responses are delivered to the user computer 104 via theInternet 102 by way of the CGI program 140.

In a preferred embodiment, the server-side engine 150 software isimplemented in the programming language ActiveX™ marketed by theMicrosoft Corporation, of Redmond, Wash. ActiveX™ is a set oftechnologies that enables software components to interact with oneanother in a networked environment, regardless of the language in whichthey were created. ActiveX™ is built on the Component Object Model(COM). An ActiveX™ control is an object created using the ActiveX™technology.

The server-side engines 150 are information delivery systems thatrespond to an Internet request for a particular type of service. A usermakes an Internet request for service typically by typing a UniversalResource Locator (URL) in the web browser 116 running on the usercomputer 104, and submitting it in the form of a packet of data to theserver computer 100. Thus, the user computer establishes a logicalconnection with the server computer. When the user computer 104 requestsan ActiveX™ service, the server-side ActiveX™ engine 150 deliverscorresponding objects called “ActiveX™ controls” and accompanying scriptfiles, embedded in a HTML file, to the user computer 104. ActiveX™controls are programming building blocks that enable small componentparts of software to be embedded in a HTML page 500 and sent to theclient computer 104 in response to a user request. A more detailedexplanation of the workings of the ActiveX™ controls and the method bywhich they are delivered to a user computer is provided in the book,“Understanding ActiveX™ and OLE™,” by David Chappell, Microsoft® Press,Washington, 1996, which is incorporated herein by reference. One ofordinary skill in the art will recognize that ActiveX™ controls couldeasily be substituted with other similar mechanisms without undueexperimentation if a Java™-enabled browser or any other browser providesa mechanism to access the inner workings of the user computer 104.

Also connected to the server computer 100 is an application knowledgebase 128, which is a repository of data pertaining to the varioussoftware that are delivered to the client computer 104 by theserver-side engines 150. The data stored by the application knowledgebase 128 typically relates to the specific characteristics of anexecutable software program. For example, if a new version of ananti-virus program is available, then the knowledge base stores thechanged programs or dynamic link libraries (DLL) of the new version.Before the server-side engines 150 download software to the usercomputer 104, they consult with the knowledge base and determine that anupgrade is needed for the user computer 104.

The server computer 100 is additionally connected to a billing database130 and a user profile database 132. The billing database 130 stores theinformation related to any user requests for services offered by theICSP; the user profile database 132 enables storage, update, andretrieval of any user-related information, such as name, contactaddress, telephone number and e-mail address. In a preferred embodiment,both the billing database 130 and the user profile database 132 areimplemented using a Microsoft® SQL Serve™ database system. Inalternative embodiments, any indexing system, relational databasemanagement system, flat files or other data storage and retrievalmechanism can be used. The billing database 130 and the user profiledatabase 132 provide interfaces that enable a server-side engine torequest pertinent information in the form of a database query-responseinteraction method, such as the Structured Query Language (SQL) method.

It is to be appreciated that, in accordance with a preferred embodiment,an account for the user may be created on the server computer before orduring the registration step. Generally speaking, this will include thesteps of taking a customer credit card number or receiving other fundsfrom the customer, and adding funds to the account. Each time the useruses the services of the ICSP, the account may be debited.Alternatively, the account need not be debited every time the user usesthe services of the ICSP, but rather the ICSP services may be offered ona subscription basis, wherein the customer may purchases a subscriptionat the beginning of a time period (such as one year) and may then usethe services of the ICSP as much as desired through the course of thetime period.

Illustrative operation of the invention is described in conjunction withFIGS. 3-4. A user at a personal computer such as computer 104 accessesthe ICSP by typing the URL for the “clinic” web page 300. This causesbrowser 116 to access the server computer 100, thereby establishing alogical connection with the server computer. The server computer 100then responds to the user request by sending web page 300, preferably ahome page for the ICSP service, to user computer 104 for display. Theweb page 300 contains fields for an identification number 302, a user'se-mail address 304, and optionally, a web password 306. The user entersthe user identification information in the web page 300 and sends thepage to the server computer 100 (step 402). The CGI program 140 runningon the server computer 100 receives the user identification informationand performs a lookup in the user profile database 132 to authenticatethe user (step 404). If the user is not authenticated, the CGI program140 sends an error message to the user computer 104 in the form of a webpage (step 420). If, on the other hand, the user is authenticated, theCGI program 140 on the server computer 100 creates a secured connectionbetween the user computer 104 and the server computer 100 (step 406).This process, of authenticating the user computer 104 and creating asecured connection between the two computers 100 and 104, is called“registering” the user computer 104 with the ICSP. The act ofregistering the user computer 104 at the server computer 100 web sitecauses the user computer 104 to allow the server computer 100 to runscripts to start applications.

An “event” is an action performed by a user or by the server computer100. For example, registering a user computer 104 at the ICSP web siteis an event. Similarly, the occurrence of a timeout condition, theautomatic downloading of an anti-virus program to the user computer 104,or the termination of the secure connection, are events caused by theserver computer 100. A “transaction” is defined as a set of events thatoccur between the registration of the user computer 104 at the ICSP website and the completion of the actions by the server computer 100 or thetermination of the connection established between the two computers.After the user computer 104 is registered at the ICSP, entries are madein the billing database 130 and the user profile database 132 for theevent (step 407).

The CGI program running on the server computer 100 causes a web page tobe downloaded to the user computer 104. Embedded in the web page areActiveX™ controls and scripts that cause a search program to be executedon the user computer 104 to determine if any executable software needsexecution, installation, upgrades or updates (step 408). In a preferredembodiment, this results in a search of the user computer's storagemedium, for example, in the cache area of the browser 116, to determineif any program needs to be downloaded. Additionally, the program looksto determine if there is a need to execute any software program, such asan anti-virus program (step 410). If no execution, installation,upgrades or updates are needed, then the connection between the servercomputer 100 and the user computer 104 is terminated (step 412).

If, on the other hand, an execution, installation, upgrade or update isdetermined to be needed, the server computer 100 then proceeds todownload new executable software to the user computer 104 via theInternet 102 connection (step 414), or to execute previously downloadedsoftware (step 416). In a preferred embodiment, the server computer 100downloads an application engine by wrapping it in a COM/ActiveX wrapperand storing the entire package in a browser cache area of the clientcomputer 104.

These application engines are configured to perform different tasks or acombination of different tasks. These tasks include, but are not limitedto, checking for any computer viruses on the user computer 104;compressing the software or data located on the storage connected to theuser computer 104; searching for software or data on the user computer104 that needs upgraded versions; upgrading the software or data on theuser computer 104; searching for and deleting unused, obsolete, unneededor undesired software, components or data on the user computer 104;archiving software or data located on the user computer 104; shreddingor deleting without trace the data or software located on the usercomputer; advising or responding to user questions as an expert advisorsystem; performing hardware and software diagnostics on the usercomputer 104; and providing a health report card for the user computer104. It should be noted that a person skilled in the art may downloadsoftware to accomplish other tasks in a similar manner. Accordingly, thescope of the present invention encompasses that as well.

After the server computer 100 downloads a program to the user computer104 (according to step 414), the server computer 100 automaticallyexecutes the program on the user computer 104 without any interventionby the user (step 416). The details of the execution of the downloadedprogram are recorded in the database 130 and the user profile database132 connected to the server computer 100 (step 418).

After the application is executed on the user computer 104, the servercomputer 100 checks if any other programs need to be downloaded orupgraded on the client computer 104 (step 420). If other programs are tobe downloaded or executed, then the server computer 100 performs steps408-416 without any further intervention by the user.

Upon the expiration of a time period set by the ICSP, or upon demand, areport is generated by the server computer 100 of the transactionslogged in the databases 132 and 130 (step 422). This report is either ina textual form summarizing different classes of transactions requestedby users of the ICSP, or in a graphical form with two- orthree-dimensional bar-graphs, stacked bar graphs, line graphs, or piecharts displaying statistical analyses of different operations performedby or with the server computer 100. Reports of the statistical analysisand graphs representing such analysis are then transmitted in anelectronic form to the user computer 104.

Accordingly, using a method in accordance with the preferredembodiments, a relatively unsophisticated computer user who has anInternet browser such as Internet Explorer 4.0 or Netscape Communicator4.0 installed on their computer system is capable of maintaining asecure, up-to-date, and optimized computer system without needing tomanually perform the “sophisticated” steps of purchasing and installingsoftware upgrades, optimization software, antivirus programs, etc.Rather, in a manner analogous to the way a car owner simply takes theircar to a service garage and walk away while the car is “automatically”upgraded or repaired, a user in a system according to the preferredembodiments may simply “park” their computer at the ICSP using their Webbrowser and, after registration or other validation procedure, maysimply “walk away” while their computer is automatically upgraded orrepaired by encapsulated routines that are automatically downloaded fromthe ICSP.

The foregoing describes a new and useful method and system forautomatically downloading and remotely executing software applicationsover a secure Internet 102 connection. Those skilled in the art may makenumerous modifications and departures from the specific embodimentswithout departing from the spirit and scope of the claimed invention.For example, the server computer 100 can comprise a distributedcomputing system or a cluster of networked computers; the database maycomprise a distributed database or several databases. Additionally, webpages may comprise an interface that is not specified herein. Otherembodiments may include a network connection other than the Internet 102between the server computer 100 and the user computer 104; and thesoftware downloaded may be intended to perform tasks such as databasemanagement, word processing, spread sheet, games, or other tasks thatare not specified herein.

FIGS. 5-6B illustrate another embodiment. Referring to FIG. 5, a clientcomputer 5100 is connected to the Internet 5102. Also connected to theInternet 5102 is a server computer 5104. The client computer 5100 can bea personal computer (PC), and is equipped with a processor, such as aPentium II™ microprocessor, a display device such as a computer monitoror a flat panel display, a memory such as a semiconductor memory, aninput device such as a computer keyboard or a mouse, and a storagedevice such as a computer hard drive. The client computer 5100 isconfigured to run an ActiveX™-compatible browser such as the Microsoft®Internet Explorer browser program. The browser program is adapted toincorporate an embedded object model, facilitating the delivery ofobjects by the server computer 5104 to the client computer 5100. Thoughin the preferred embodiment a Microsoft® Internet Explorer browser andthe ActiveX™ technology are discussed, these should not be viewed aslimitations to the invention. While in the illustrative discussionherein the technologies are enumerated as the best ways to practice theinvention, the invention is contemplated to extend beyond these specificmodes of implementation.

As described in the parent application, the server computer 5104 isoperated by an Internet Clinical Services Provider (ICSP). The servercomputer 5104 comprises a processor, such as a Pentium II™microprocessor, a memory such as a semiconductor memory, and a storagedevice such as a computer hard drive. The server computer 5104 isconfigured to receive request messages from the client computer 5100over the internet in the Hyper Text Transfer Protocol (HTTP), FileTransfer Protocol (FTP) or any similar protocol used to transfer data,video, voice or a combination of these media. The server computer 5104is configured to transmit in response messages that include “web pages”that are programmed in Hyper Text Markup Language (HTML) or a similarlanguage. Embedded in the web pages are components such as documents,scripts, objects, frames and others that enable the server computer 5104to display colorful graphical images on the display device coupled tothe client computer 5100.

Now referring to FIGS. 6A and 6B, in accordance with the inventiondescribed in the parent application, a user operating the clientcomputer 5100 enters the Universal Resource Locator (URL) pertaining tothe server computer 5104 in a window provided by the browser programrunning on the client computer 5100. When the user presses a “send”button on the browser, this causes a request message to be transmittedto the server computer 5104. (Step 6200). The server computer 5104 thencauses an identification web page to be displayed on the browser windowat the client computer 5100. After the user enters the appropriateidentification information in the browser window, this information istransmitted to the server computer. (Step 6202).

The server computer 5104 authenticates the user (Step 6204), and ifauthenticated, proceeds to download a copy of an ActiveX™-control-likesoftware program and an associated license file to the client computer5100. (Step 6205). For the purposes of illustration, assume that thesoftware program is QuickClean™ and the license file is namedQuickCleanLicense. The license file works in conjunction with thesoftware program in the following way. When software objects embedded inthe software program are to be executed, the browser or another programrunning on the client computer 5100 verifies if the license file and thesoftware objects are “related.” If they are found to be related, themethods (or sub-routines) within the software objects can be “invoked”by a script running on the client computer 5100. (Step 6206). If, on theother hand, QuickCleanLicense is found to be not related to QuickCleansoftware, then the client computer 5100 terminates the program afterdisplaying or sounding an alarm message. (Step 6220). It should be notedthat authentication of the user by the server computer 5104 (describedin step 6204) and the verification of the software objects by the clientcomputer 5100 (described in step 6206) are different tasks and shouldnot be confused with each other.

The invented method adds an additional step to the art described in theparent application. After the client computer 5100 determines that theQuickClean™ software and the QuickCleanLicense are “related,” the codein the QuickClean™ software must be “enabled” before it can be put tointended use. This is done by appropriately programming the QuickClean™software to perform a “first-check” and a “second-check” as follows.

In order to prevent the first method of hacking described in thisapplication, the QuickClean™ software is programmed to perform a“first-check” whereby it is determined if the browser is pointed to anICSP-authorized web site when the software is invoked by the scriptrunning on the client computer. When the script invokes a sub-routine ora method in the QuickClean™ software, a first set of instructionsembedded in the QuickClean™ software queries the browser to determinethe URL to which the browser is pointed. (Step 6208).

A hacker may mislead the client computer 5100 when it performs theabove-mentioned “first-check.” He can do this by causing the clientcomputer to open a new browser window or a new browser window frame,according to the second method of hacking described above. To preventthis, the following method is used to perform a “second-check” of theQuickClean™ software. This is accomplished by a second set ofinstructions embedded in the QuickClean software. The second set ofinstructions queries the browser to determine the URL pointed to by the“top-level” window and the “opener” window. (Step 6210).

For example, if ActiveX™ objects embedded in an OLE-compatible browserare used to implement the QuickClean™ program, the URL to which thebrowser is pointed can be obtained by calling the method GetDisplayNameprovided in the Monicker Interface or by calling the GetLocation methodprovided in the Service Provider Interface of the IOleClientSite objectdefined within the ActiveX™ object. If both the methods (or sub-routinecalls) return the same result, which is a ICSP-authorized URL, then theQuickClean™ software is deemed to have passed the “first check.” (Step6208). These two methods can be illustrated as follows:

(1) IOleClientSite-->MonickerInterface-->GetDisplayName( )

(2)IOleClientSite-->ServiceProviderInterface-->BrowserAppInterface-->GetLocation()

Additionally, the ActiveX objects embedded in the OLE-compatible browsercan determine the URL pointed to by the “top-level” window of thebrowser by calling the BrowserApp Interface which can query the DocumentObject to obtain the HREF property of the Top Window Object. The“opener” window is determined in a similar manner. This can beillustrated in the following sequence of function calls:

(1)BrowserAppInterface-->DocumentObject-->WindowObject-->TopWindowObject-->LocationInterface-->HrefProperty( )=top-level URL

(2) BrowserApplnterface-->DocumentObject-->WindowObject-->TopWindowObject-->OpenerWindowObject-->LocationInterface-->HrefProperty=opener URL

Once it is determined that the “top-level” URL and the “opener” URLpoint to the same authorized URL, then the QuickClean™ software isdeemed “secondarily enabled.” (Step 6210).

Upon a successful enablement according to steps 6208 and 6210, theQuickClean™ software is executed by scripts running on the clientcomputer 5100. (Step 6212). If, on the other hand, the QuickClean™software is not enabled according to steps 6208 or 6210, then an attemptby a script to run the software results in error messages. (Step 6220).

There is described in the foregoing a new and useful invention toprevent a hacker from causing a threat to the information contained in aclient computer by misusing authenticated objects designed to performsecure tasks. One skilled in the art may make several modifications toor departures from the preferred embodiments provided herein withoutdeparting from the spirit and scope of the invention, or without undueexperimentation. For example, the order in which steps 6208 and 6210 areexecuted may be interchanged; other browser programs can be used topractice the invention; and the technologies described herein to deliverand execute software via a computer network may be replaced with othersimilar technologies. All such departures and modifications are withinthe scope of this invention and should be construed accordingly.

1-20. (canceled)
 21. A client device, comprising: a processor coupled to a display device, the processor further coupled to at least one machine accessible storage medium having code stored thereon, the code when executed to cause the processor to: responsive to a user-initiated action, send a request to a server and receive a download of software from the server to the client device; determine, when the downloaded software is invoked to execute, whether at least one of the following is true: a) a selected source from which the software was downloaded is an authorized source and b) the software download is associated with a digital signature; and prevent execution of the downloaded software responsive to: a) determining that the selected source is not the authorized source; and b) determining that the software download is not associated with the digital signature.
 22. The client device of claim 21, wherein execution of the downloaded software is to be permitted based on determining that either that the selected source is the authorized source or that the software download is associated with the digital signature.
 23. The client device of claim 21, wherein the digital signature indicates an association with a trusted source.
 24. The client device of claim 21, wherein determining whether the selected source is an authorized source is to comprise identifying a uniform resource locator (URL) associated with the server and determining whether the URL is associated with an authorized source.
 25. The client device of claim 21, wherein the user action comprises a user input to indicate user approval of the download.
 26. The client device of claim 21, further comprising a browser.
 27. The client device of claim 26, wherein the request is generated, at least in part, using the browser.
 28. The client device of claim 21, wherein the code, when executed, is to further cause the processor to receive data to describe a license of the downloaded software.
 29. The client device of claim 21, wherein the client device comprises a personal computing device.
 30. The client device of claim 21, wherein the software download is received over the Internet.
 31. The client device of claim 30, wherein the software download is provided, at least in part, through an Internet browser of the client device.
 32. A method comprising: responsive to a user-initiated action, sending a request to a server; receiving, at a client computing device, a download of software from the server; determining, when the downloaded software is invoked to execute, whether at least one of the following is true: a) a selected source from which the software was downloaded is an authorized source and b) the software download is associated with a digital signature; and preventing execution of the downloaded software responsive to: a) determining that the selected source is not the authorized source; and b) determining that the software download is not associated with the digital signature.
 33. The method of claim 32, further comprising identifying a URL associated with the server.
 34. The method of claim 32, further comprising identifying signature data associated with the software.
 35. The method of claim 32, wherein determining whether the selected source is authorized comprises identifying an address of the server and determining whether the address corresponds to an authorized source.
 36. At least one machine accessible storage medium having instructions stored thereon, the instructions when executed on a machine, cause the machine to: responsive to a user-initiated action, send a request to a server and receive a download of software from the server to the client device; determine, when the downloaded software is invoked to execute, whether at least one of the following is true: a) a selected source from which the software was downloaded is an authorized source and b) the software download is associated with a digital signature; and prevent execution of the downloaded software responsive to: a) determining that the selected source is not the authorized source; and b) determining that the software download is not associated with the digital signature.
 37. The storage medium of claim 36, wherein the user-initiated action comprises an input to request the download of the software.
 38. The storage medium of claim 37, wherein the input is to be received through a browser of the client device.
 39. The storage medium of claim 36, wherein the server comprises a repository of a plurality of different software applications for download.
 40. The storage medium of claim 36, wherein execution of the downloaded is to be permanently prevented. 